Using suitable examples, differentiate between the Domain Name System (DNS) and Layer 2 network attacks. Your answer must give types of network attacks as examples and use the examples to show the difference between the interception and Layer 2 attacks.

1 answer

The Domain Name System (DNS) is a critical component of the internet infrastructure that translates human-readable domain names into IP addresses, allowing users to access websites by their domain names. On the other hand, Layer 2 network attacks target the data link layer of the OSI model, which is responsible for transferring data between adjacent network nodes.

Here are examples of network attacks in DNS and Layer 2, highlighting the differences:

1. DNS Cache Poisoning:
DNS cache poisoning is a type of attack where an attacker injects false DNS records into a DNS resolver's cache. For example, an attacker could corrupt the DNS cache of a targeted organization or ISP, redirecting users to malicious websites when they try to access legitimate domains. This attack occurs at the application layer (Layer 7) of the OSI model.

2. DNS Amplification:
In a DNS amplification attack, an attacker exploits misconfigured DNS servers to flood a victim's network with amplified DNS responses. By sending DNS queries with spoofed source IP addresses to open DNS resolvers, the attacker tricks them into sending large responses to the victim's IP address. This attack is focused on overloading the victim's network bandwidth. It operates at the network layer (Layer 3) of the OSI model.

In contrast, Layer 2 network attacks occur at the data link layer (Layer 2) and target the network switches, Ethernet frames, or MAC addresses. These attacks aim to manipulate the communication between devices connected to the same network segment, such as:

1. ARP Spoofing:
ARP spoofing is a Layer 2 attack where an attacker sends falsified Address Resolution Protocol (ARP) messages on a local network. By impersonating the MAC address of another device, the attacker can intercept or manipulate network traffic. For example, by sending ARP replies claiming to be the default gateway, the attacker can redirect traffic to their own machine.

2. MAC Flooding:
A MAC flooding attack targets the switch's CAM (Content Addressable Memory) table, which associates MAC addresses with corresponding ports. The attacker floods the switch with a large number of fake MAC addresses, causing the table to overflow. Once the table is full, the switch enters into a fail-open mode and starts forwarding all incoming traffic to every port. This enables the attacker to intercept, sniff, or modify network traffic.

To summarize, DNS attacks primarily focus on manipulating DNS-related infrastructure and protocols in order to redirect users or disrupt proper DNS resolution. On the other hand, Layer 2 network attacks exploit vulnerabilities in protocols and devices at the data link layer, allowing for interception, manipulation, or disruption of communication between devices on the same network segment.
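Seen from the defender's side, the two Layer 2 attacks named in the answer leave distinct traces in captured frames. The sketch below is an added example, not part of the original answer: it parses raw Ethernet/ARP frames and flags an IP address claimed by a second MAC (ARP spoofing) and one switch port sourcing many MAC addresses (MAC flooding). The `(switch_port, frame)` input shape, the threshold, and all sample addresses are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_arp(frame):
    """Return (eth_src, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    if struct.unpack("!HHBB", frame[14:20]) != (1, 0x0800, 6, 4):
        return None
    return mac(frame[6:12]), mac(frame[22:28]), ".".join(map(str, frame[28:32]))

def detect(frames, flood_threshold=3):
    """frames: (switch_port, raw_frame) pairs; the port label is an assumed input."""
    bindings = {}                    # IP -> first MAC seen claiming it
    macs_on_port = defaultdict(set)  # port -> distinct source MACs
    flooded, alerts = set(), []
    for port, frame in frames:
        if len(frame) < 14:
            continue
        macs_on_port[port].add(mac(frame[6:12]))
        # Many source MACs behind one access port is the CAM-exhaustion pattern.
        if len(macs_on_port[port]) > flood_threshold and port not in flooded:
            flooded.add(port)
            alerts.append(("mac_flood", port, len(macs_on_port[port])))
        arp = parse_arp(frame)
        if arp is None:
            continue
        eth_src, sha, spa = arp
        if eth_src != sha:           # Ethernet header disagrees with ARP payload
            alerts.append(("arp_src_mismatch", spa, eth_src, sha))
        if bindings.setdefault(spa, sha) != sha:   # IP now claimed by another MAC
            alerts.append(("arp_binding_changed", spa, bindings[spa], sha))
    return alerts

def sample_frames():
    """Constructed capture: gateway reply, conflicting reply, burst of new MACs."""
    def hx(m):
        return bytes.fromhex(m.replace(":", ""))
    def arp_reply(src, ip):
        hdr = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)
        return (b"\xff" * 6 + hx(src) + b"\x08\x06" + hdr + hx(src)
                + bytes(map(int, ip.split("."))) + bytes(10))
    frames = [(1, arp_reply("02:00:00:00:00:01", "192.168.1.1")),
              (7, arp_reply("02:00:00:00:00:66", "192.168.1.1"))]
    frames += [(9, b"\xff" * 6 + bytes([2, 0, 0, 0, 9, i]) + b"\x08\x00" + bytes(46))
               for i in range(5)]
    return frames
```

A binding change can also be legitimate (address reassignment, gateway failover), so an alert here is a lead to verify against known-good bindings rather than proof of an attack.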